Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Memory Forensics for Pentesters: Firefox

10,547 views

Published on

This is part one in a series of presentations I will be giving at the NoVAHackers meetings on forensics of all kinds as it can be leveraged in a penetration test.

Published in: Technology
  • ⇒⇒⇒WRITE-MY-PAPER.net ⇐⇐⇐ I love this site. It always finds me the best tutors in accordance with my needs. I have been using it since last year. The prices are not expensive compared to other sites. I am glad I discored this site:)
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • D0WNL0AD FULL ▶ ▶ ▶ ▶ http://1lite.top/0AVPg ◀ ◀ ◀ ◀
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • D0WNL0AD FULL ▶ ▶ ▶ ▶ http://1lite.top/0AVPg ◀ ◀ ◀ ◀
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Have you ever used the help of ⇒ www.HelpWriting.net ⇐? They can help you with any type of writing - from personal statement to research paper. Due to this service you'll save your time and get an essay without plagiarism.
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • D0WNL0AD FULL ▶ ▶ ▶ ▶ http://1lite.top/0AVPg ◀ ◀ ◀ ◀
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here

Memory Forensics for Pentesters: Firefox

  1. 1. Memory Forensics for Penetration Testers
  2. 2. Memory Sizes • 1 GB (Netbook standard) • 2 GB (Old standard) • 4 GB (Laptop standard now) • Forensics don’t care, they deal with HDDs • Sneaky Sneaky!
  3. 3. Memory Sizes • 1 GB (Netbook standard) • 2 GB (Old standard) • 4 GB (Laptop standard now) • Forensics don’t care, they deal with HDDs • Sneaky Sneaky!
  4. 4. 32 bit vs 64 bit • Annoying
  5. 5. Per-process Memory Dumping • PMD • (P)rocess (M)emory (D)umper SURPRISE! • EvilFingers (https://www.evilfingers.com/) • Since v1.2 it’s gone gooey. • Still awesome but useless at a prompt.
  6. 6. PWD
  7. 7. PMDump • http://ntsecurity.nu/toolbox/pmdump/
  8. 8. Firefox • You know..
  9. 9. Firefox • You know..
  10. 10. Firepassword • http://securityxploded.com/ firepassword.php • or you could do it the easy way: • http://carnal0wnage.blogspot.com/ 2010/06/firefox-saved-passwords.html
  11. 11. Master Password :-(
  12. 12. FireMaster • http://securityxploded.com/firemaster.php
  13. 13. dump firefox memory definitely smaller but be careful
  14. 14. strings FTW! strings firefox.mem | sed ‘/^.{30}/d’ | sort -u | sed ‘/$’”/ `echo r` /” > firefoxdictionary.txt
  15. 15. win!
  16. 16. Questions?

×